Are our expectations regarding online privacy changing?

I may be wrong about this, but in the last few weeks I seem to have noticed a weary acceptance from many of my clients that online privacy is now known to be a myth, so “why bother trying to keep private information private?”

This often crops up when I am installing, upgrading, or registering something online on behalf of one of my computer support clients. When it comes to the impertinent questions asked on web forms, I get vaguely embarrassed. I don’t want to ask the client for the information and I don’t want them to give it up to cyberspace. In the past, the client would often ask things such as “what do they want it for?” or “do I have to complete it?”. This has never been universal, of course. There are lots of people whose attitude has always been “I’ve got nothing to hide, so why shouldn’t I give them the information?”

Nevertheless, I do have a feeling that things are changing from two directions:

The client now seems to be more likely to say something along the lines of “Why not give it to them. We now know we’re being spied on by our own and other governments, so why try and keep information private now”. And even if they are not overtly aware of it, I think most people have some vague idea that behemoths like Google are pooling together the data they have on us from several sources and using it for ever more sophisticated marketing purposes. It feels as if we’re losing the battle to keep private information private, so why bother trying?

The organisations seeking the data seem to be getting cheekier in what they ask. It’s now becoming common for information such as “date of birth” to be compulsory when filling in forms. Why? What possible justification is there for this? It may be very useful for the marketing departments of these organisations to know exactly what “market segments” to place us in, but that’s just for THEIR benefit. It’s not for the user’s benefit. Unless there’s some obvious reason (such as relevance for medical or insurance reasons), I really don’t see why they should be so presumptuous as to INSIST that this information be provided. As I’ve said before, in these situations I just lie.

I was gobsmacked by the sting in the tail of an offer by Dropbox that I came across recently. Regular readers will know that I am a great fan of Dropbox. I have it on all my computers and devices. It means that a huge percentage of my most important data is always available to me wherever I am and whatever computers and devices I happen to have with me. And being just a tad nerdy (?!), I have been happy to go along with Dropbox’s clever marketing strategy whereby they give extra free online storage space for introducing new users (use this link, for example, to gain extra free space when joining Dropbox. If you do, I will also get some more free space.) and for taking part in other promotions. That’s fine. The nerd in me is quite chuffed that my free 2gb Dropbox account has now swelled to 13.8gb.

So, I followed the link when I recently discovered that if I installed an email program called Mailbox on my iPad and then “joined” it to my Dropbox account, I could instantly earn another gigabyte of free online storage. I just couldn’t believe my eyes, though, when I saw the terms and conditions attached to this offer (see figure 1).

Are they really saying what it seems they are saying? Are they really asking me to give them access to all of the data in my Dropbox account? All the private, business, medical, professional, and random data that is in my supposedly safe, secure account? I’m staggered at the thought of the implications of giving all this personal information away. I’m staggered at the cheek of Dropbox in asking me to do it. I’m yet more staggered at the thought that they wouldn’t have put this cunning plan together unless they thought that at least some of their users would go along with it.

I think I probably need some kind of reality check, because I’m about as staggered as it’s possible to be while still capable of standing. Is it just me? In the article in which I first learned about this wheeze, there was mention of the condition of opening up one’s data, but no expression of surprise, disapproval or anything else.

By the way, I should just add that I know that all of the above behaviour only applies to computer users over the age of forty. Anyone younger than that seems only too happy to spew all their private and personal stuff out online. That will no doubt end, eventually, when it finally sinks in that this is a very bad idea. It will be too late for an entire generation but, hopefully, the following generation will have learned that something said on Facebook at 12 years old may rule them out from a job interview ten years later.

Or have Dropbox got it right? Are we all – young and old – just going to give up on our privacy?

We may be fighting a losing battle with online privacy. As mentioned in last week’s blog on Internet Privacy, companies like Google, Facebook, and Amazon hoover up every crumb of information they can glean about us and use it to target us with ads and content that they think will appeal to us. As far as I know there’s isn’t any perfect strategy for maintaining online privacy, but there are lots of small things we can do that will certainly help.

I’m not concerned here with security on the internet as it relates to the safety of children, or trying to hide our identity so that we may be completely untraceable. I’m just trying to keep down the amount of un-necessary information we give to the likes of Google. These tips are equally valid in a home computer or business computer environment.

So, here are some tips. They’re not listed in any particular order. Some are easier to put into practice than others:

Create another email account that you never intend to use for “real” email. Don’t include your own real name in the account name and don’t give real data when completing the compulsory items of information in the account profile. Quote this email address on any websites that demand you supply one and where you don’t expect a normal, ongoing, email exchange (since you don’t want to have to keep checking this account for incoming emails). Having an “anonymous” account like this also helps in keeping spam out of your main email account.

If a website demands that you give personal information that is not connected with a financial transaction nor has other legal implications, then LIE. I will NOT give my real address or date of birth online when there is no legitimate NEED for it (and there are few legitimate needs except the protection of the other party in financial transactions). If I am entering a compulsory date of birth on a website where this is “relevant” (but not essential for financial reasons) then I enter a date that is close to my own (so that it makes no difference for the legitimate purposes of the website) but from which I can not be traced.

When filling in online forms, exercise judgement in completing any item that is not marked as compulsory (usually indicated by an asterisk or written in red). If they don’t require you to give a date of birth then why would you? If an item is compulsory but impertinent then LIE.

Don’t click on any “like” buttons in Facebook or anything similar (eg in Google).

Don’t take part in online quizzes or polls.

Preferably, don’t use Facebook at all.

If you’re still keen to use Facebook, go through all the settings and mark everything private except what you explicitly wish to share.

If you use LinkedIn, do not click on ads without first changing your privacy settings to exclude monitoring your activity re ads.

Do not use Gmail or any of its branded versions (I think Virgin’s webmail is one of those). Google reads your emails and bombards you with “appropriate” Google ads (sponsored links). See last week’s blog on Internet Privacy.

If you must use Gmail, at least ensure that you sign out when you are not actually using the email as Google records everything you do in your browser if you are logged in as a Gmail user. They then use this info to target you with Google ads. I also sign out of other sites, such as Microsoft Live, as soon as I’ve finished with them.

Disable or remove browser add-ons that place “toolbars” and/or “search boxes” at the top of your browser. These often have tracking software in them. Incidentally, your browser performance will also be improved by doing this and your browser screen will be less cluttered.

Be very careful about “linking” any social networking site to any other (by giving any of them permission to access others). You might add data to one program, believing it to be private, forgetting that you have linked it to another program that sucks in what you thought was private data and spits it out somewhere more public.

Set your browser so that all cookies are deleted as soon as you close the browser (but this has implications – read on).

Set your browser to delete your browsing history as soon as you close your browser.

Set your browser to disallow third party cookies.

Turn off Amazon browsing history.

If you use Firefox or Chrome as your browser then you can install AdBlock Plus. This will stop most ads from appearing while you are browsing.

Do not be misled into thinking that “private browsing” will give you any protection. It does suppress evidence on your own computer but it does not prevent sites you visit from recording your activity. Nevertheless, it may help to turn it on.

More technical ways of throwing websites off your scent include using proxy servers and using a dynamic IP address.

If you want to make an online purchase from a website that you don’t completely trust, you can use a prepaid Mastercard. This will limit your financial exposure to the value on the card and will also keep all your personal information from the website.

As if all this wasn’t already a nightmare worthy of a Kafka novel, some of these measures nullify others. You can turn off Amazon’s “browsing history” but the instructions to turn these off are held in cookies so if you delete cookies (as recommended above) you’re back to square one. Doh!

Some of the tips above are easy to carry out and others less so. I haven’t attempted to give specific instructions (eg for different versions of different browsers) as it would just take too long.

If you’d like some help in tightening up your online privacy, contact me to arrange either a computer support visit or some online remote support.